<?php

function send_load_feedback()
{
   if(isset($_SESSION['logged_in']) && $_SESSION['permissions'] != "Admin")
      return true;
   else
      return false;
}

function send_menu_feedback()
{
   return "<a href=?q=feedback>Feedback</a>";
}

function send_content_feedback()
{
   if(isset($_GET['q']))
   {
      if($_GET['q'] == "feedback")
      {
         $content ='
                    <form name="contactform" method="post" action="?q=feedback_submit">
	               <table width="450px">
	               </tr>
	               <tr>
	                  <td valign="top">
 	                     <label for="first_name">First Name *</label>
 	                  </td>
 	                  <td valign="top">
  	                     <input  type="text" name="first_name" maxlength="50" size="30">
 	                  </td>
	               </tr>
	               <tr>
                          <td valign="top"">
                             <label for="last_name">Last Name *</label>
                          </td>
                          <td valign="top">
                             <input  type="text" name="last_name" maxlength="50" size="30">
                          </td>
                       </tr>
                       <tr>
                          <td valign="top">
                             <label for="email">Email Address *</label>
                          </td>
                          <td valign="top">
                             <input  type="text" name="email" maxlength="80" size="30">
                          </td>
                       </tr>
                       
                       <tr>
                          <td valign="top">
                             <label for="comments">Comments *</label>
                          </td>
                          <td valign="top">
                             <textarea  name="comments" maxlength="1000" cols="25" rows="6"></textarea>
                          </td>
                       </tr>
                       <tr>
                          <td colspan="2" style="text-align:center">
                             <input type="submit" value="Submit">   <a href="index.html">Email Form</a>
                          </td>
                       </tr>
                       </table>
                    </form>';
         return $content;    
      }
      else if($_GET['q'] == "feedback_submit")
     
      {
         global $db_agent;

         if($db_agent == "mysql")
         {
            
            $user_first_name = $_POST['first_name'];
            if(strlen($user_first_name)>20)
               return "Please dont hack";
            $user_last_name  = $_POST['last_name'];
            if(strlen($user_last_name)>20)
            return "Please dont hack";
            $email= $_POST['email'];
            if($email == "")
            return "Email is mandatory";
            $Comments = $_POST['comments'];
                  

            $query = "insert into feedback values('$user_first_name', '$user_last_name', '$email','$Comments', @)";
            $result = query_db($query);
            if(!$result)
               return "Problem with SQL";

            return "Feedback Sent Successfuly";
         }
       }
   }
}

function send_content_other_feedback()
{

}

function clean_string($string) {
   $bad = array("content-type","bcc:","to:","cc:","href");
   return str_replace($bad,"",$string);
}

?>
